(CVE-2011-1025) CVE-2011-1025 openldap: rootpw is not verified with slapd.conf

Resolves: #680472 (tracker)
Upstream ITS: #6661
Upstream patch: http://www.openldap.org/devel/cvsweb.cgi/servers/slapd/back-ndb/bind.cpp.diff?r1=1.5&r2=1.8

diff -uNPrp openldap-2.4.23/servers/slapd/back-ndb/bind.cpp openldap-2.4.23.fix/servers/slapd/back-ndb/bind.cpp
--- openldap-2.4.23/servers/slapd/back-ndb/bind.cpp	2010-04-13 22:23:34.000000000 +0200
+++ openldap-2.4.23.fix/servers/slapd/back-ndb/bind.cpp	2011-02-28 15:05:48.014126213 +0100
@@ -43,11 +43,13 @@ ndb_back_bind( Operation *op, SlapReply 
 
 	/* allow noauth binds */
 	switch ( be_rootdn_bind( op, NULL ) ) {
-	case SLAP_CB_CONTINUE:
-		break;
+	case LDAP_SUCCESS:
+		/* frontend will send result */
+		return rs->sr_err = LDAP_SUCCESS;
 
 	default:
-		return rs->sr_err;
+		/* give the database a chance */
+		break;
 	}
 
 	/* Get our NDB handle */
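
Review bot: The new `default:` branch treats every return value of be_rootdn_bind() other than LDAP_SUCCESS the same way, so SLAP_CB_CONTINUE and any error code both fall through to the NDB lookup below the switch. The comment "give the database a chance" should say that this is intentional and that the code after the switch is responsible for setting rs->sr_err before returning, because be_rootdn_bind() is called here with NULL as its reply argument and the removed `return rs->sr_err;` returned a value this switch never set. The unchanged comment "allow noauth binds" above the switch also no longer describes what the switch does and would be worth updating in the same change, for example to note that a successful rootdn bind returns early and everything else continues to the backend lookup.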